General

  • Target

    9d288b1586ca39e6bc25ad976b1786fe

  • Size

    23KB

  • Sample

    240215-gs7f3abc76

  • MD5

    9d288b1586ca39e6bc25ad976b1786fe

  • SHA1

    6c76f49187beb06065fb7c08127694ab20d76aa0

  • SHA256

    158586af64b6321998f5e08fab603e3958974409f0e120348d863802b8d14e21

  • SHA512

    2aa8fe87d87013df0dbb313d6e2b8056056a776cb95aab04ab78a30e1e55c43232e77e116d34b54fb4cf56396cea598d4e3f2e73f1d8f6b46c0f31344edb61bf

  • SSDEEP

    384:ZrpN0BLxER3jQDxItlsyyidaVTkZzaYqX+ouprBk8r1dcJ+KCC9c6aWTnB+zxh+A:Zr3CSaTidaVTkZzaeo6xKJDC79akxh+A

Score
10/10

Malware Config

Extracted

  • Rule

    Microsoft Office WebSettings Relationship

  • C2

    https://longurl.in/hZzk

Targets

    • Target

      60000098238_Quote.docx

    • Size

      10KB

    • MD5

      41456189c39549fb01583ba4d8e3a5ad

    • SHA1

      ccc5651034288364182c55ec76030ea4f22f8956

    • SHA256

      a0b2480a1eb4e0ad26f53b6dbda72e98783ad3c2caac258a316791f87374c8ea

    • SHA512

      9592ad1e3bc3d24c292dceaf72c78cc1685f4e77b1ae08d8a3e37bc01922565e8425bf421a657f1b15e8ba47e1f02754db3ed77dce2930e3e06efce0d63d67c8

    • SSDEEP

      192:ScIMmtPZG/bEpO8yVgEamWBXpK0ydJb3FZuN:SPXEEpOLNoEP7b2

    Score
    7/10
    • Abuses OpenXML format to download file from external location

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion

  • Modify Registry (T1112): 1

Discovery

  • Query Registry (T1012): 2

  • System Information Discovery (T1082): 2

Tasks